Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-11-29 | CVE-2005-3867 | Products Cross-Site Scripting vulnerability in SearchSolutions Cross-site scripting (XSS) vulnerability in RevenuePilot Search Engine Script 1.2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the REQ parameter, which is used when performing a search. network wwwsearchsolutions | 4.3 |
| 2005-11-29 | CVE-2005-3866 | Products Cross-Site Scripting vulnerability in SearchSolutions Cross-site scripting (XSS) vulnerability in SearchFeed Search Engine 1.3.2 and earlier allows remote attackers to inject arbitrary HTML and web script, possibly via the REQ parameter, which is used when performing a search. network wwwsearchsolutions | 4.3 |
| 2005-11-27 | CVE-2005-3856 | Remote Security vulnerability in Krusader 1.60.0/1.70.0Beta1 The Popular URL capability (popularurls.cpp) in Krusader 1.60.0 and 1.70.0-beta1 saves passwords in cleartext in the krusaderrc file when the user enters URLs containing passwords in the panel URL field, which might allow attackers to access other sites. | 4.0 |
| 2005-11-27 | CVE-2005-3854 | Cross-Site Scripting vulnerability in Easypagecms Cross-site scripting (XSS) vulnerability in index.php in EasyPageCMS allows remote attackers to inject arbitrary web script or HTML via the cat parameter. network easypagecms | 4.3 |
| 2005-11-27 | CVE-2005-3851 | Cross-Site Scripting vulnerability in Onlinetechtools.Com Oasys Lite 1.0 Cross-site scripting (XSS) vulnerability in search.asp in Online Attendance System (OASYS) Lite 1.0 allows remote attackers to inject arbitrary web script or HTML via certain search parameters, possibly the keyword parameter. network onlinetechtools-com | 4.3 |
| 2005-11-27 | CVE-2005-3850 | Cross-Site Scripting vulnerability in Onlinetechtools.Com Okbsys Lite 1.0 Cross-site scripting (XSS) vulnerability in search.asp in Online Knowledge Base System (OKBSYS) Lite Edition 1.0 allows remote attackers to inject arbitrary web script or HTML via hex-encoded values in the q parameter. network onlinetechtools-com | 4.3 |
| 2005-11-27 | CVE-2005-3849 | Cross-Site Scripting vulnerability in PmWiki Search Cross-site scripting (XSS) vulnerability in the Search module in PmWiki up to 2.0.12 allows remote attackers to inject arbitrary web script or HTML via the q parameter. network pmwiki | 4.3 |
| 2005-11-27 | CVE-2005-3847 | Improper Locking vulnerability in multiple products The handle_stop_signal function in signal.c in Linux kernel 2.6.11 up to other versions before 2.6.13 and 2.6.12.6 allows local users to cause a denial of service (deadlock) by sending a SIGKILL to a real-time threaded process while it is performing a core dump. | 5.5 |
| 2005-11-26 | CVE-2005-3841 | Cross-Site Scripting vulnerability in Kplaylist 1.6Build400 Cross-site scripting (XSS) vulnerability in kPlaylist 1.6 (build 400), and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the searchfor search parameter. network kplaylist | 4.3 |
| 2005-11-26 | CVE-2005-3839 | Cross-Site Scripting vulnerability in SupportPro SupportDesk Cross-site scripting (XSS) vulnerability in SupportPRO Supportdesk allows remote attackers to inject arbitrary web script or HTML via the (1) post tickers and (2) view tickets options. network supportpro | 4.3 |